Provably-secure quantum randomness expansion with uncharacterised homodyne detection

Quantum random number generators (QRNGs) are able to generate numbers that are certifiably random, even to an agent who holds some side information. Such systems typically require that the elements being used are precisely calibrated and validly certified for a credible security analysis. However, this can be experimentally challenging and result in potential side-channels which could compromise the security of the QRNG. In this work, we propose, design and experimentally demonstrate a QRNG protocol that completely removes the calibration requirement for the measurement device. Moreover, our protocol is secure against quantum side information. We also take into account the finite-size effects and remove the independent and identically distributed requirement for the measurement side. More importantly, our QRNG scheme features a simple implementation which uses only standard optical components and are readily implementable on integrated-photonic platforms. To validate the feasibility and practicability of the protocol, we set up a fibre-optical experimental system with a home-made homodyne detector with an effective efficiency of 91.7% at 1550 nm. The system works at a rate of 2.5 MHz, and obtains a net randomness expansion rate of 4.98 kbits/s at 1010 rounds. Our results pave the way for an integrated QRNG with self-testing feature and provable security.

model may not capture the actual physical process due to unexpected device changes and the amount of extractable randomness can be overestimated. Crucially, this could lead to catastrophic outcomes when the device is used for cryptography, for example.
An elegant solution is to consider new forms of QRNGs which provide certifiable randomness based on minimal assumptions about the underlying quantum measurement process. This is made possible by exploiting the unique correlations established by quantum measurements on entangled systems. The best example is the Device-Independent (DI) QRNG 1,[5][6][7][8][9] . However, in view of the demanding experimental requirements for a loophole-free observation of nonlocal correlations 5,7,10 , it is generally believed that the first practical application of such DI QRNGs will likely be Randomness Beacons 7,8 .
There are other QRNGs that make reasonable assumptions about the system and require only a partial characterisation of the device. These schemes provide a system performance improvement in terms of the implementation complexity and the random number generation rate when compared to DI QRNGs. Due to the partial characterisation feature, this class of QRNGs is often called semi-DI QRNG. A comparison of different QRNG studies is listed in Table 1.
For practical semi-DI randomness generations, the following features are highly desirable in practical applications. Firstly, the security of the randomness generation should rely on only a few justifiable assumptions on the system operation and its critical components. This would ensure that these QRNGs remain secure even in the presence of unexpected device changes. Secondly, it should also provide a relatively high randomness generation rate. Finally, the QRNG should be cost-effective and have small footprints. The latter would be essential in a wide range of applications: from handheld devices to Internet-of-Things.
In this regard, balanced homodyne detection offers distinct advantages in practical randomness generation. Firstly, as balanced homodyne detectors simply consist of a pair of photodiodes and some electrical components, they are readily implementable on integratedphotonic platforms [11][12][13][14] . Hence, QRNGs that are based on homodyne detectors have a unique practical advantage in terms of the costeffectiveness, compactness and system stability. Secondly, homodyne detection works at room temperature and no additional cooling is needed. This, again, reduces the system complexity and eliminates the extra requirement for space consumption.
Unfortunately, due to many practical limitations, real homodyne detectors often deviate from an ideal quadrature measurementwhich is the standard theoretical model for a balanced homodyne detection. Firstly, modelling homodyne detectors as perfect quadrature measurements of the input optical field requires the local oscillator (LO) to operate at the high intensity limit 15,16 , which may not be the case in the actual implementation. In addition, implementing the perfect quadrature measurement would also require perfect photon number subtraction which is non-trivial in the presence finite common-mode rejection ratio (CMRR) and imbalance drifts. Moreover, in contrast to perfect quadrature measurements, practical homodyne detectors are subjected to electronic noise, LO intensity fluctuations, finite detection range, etc. While there are theoretical studies on how to account for these imperfections in the model (for example, the standard theoretical treatment for electronic noise is to model it as an independent noise 17,18 with Gaussian and stationary nature 18,19 ), the model demands an accurate characterisation of each imperfection. Not only is this task technically demanding, there is actually a danger of false precision with the model-based approach as the quality of the homodyne detector may degrade over time. In that Refs. 70 Table, protocols that are compatible with on-chip implementation refer to protocols which are built on photodiodes, e.g., homodyne detection, which had been implemented on the Photonic Integrated Circuits (PICs) (for example, see refs. [11][12][13][14]. On-chip single-photon detection has also been demonstrated recently 80,81 but it has not been widely adopted yet. Moreover, cooling is typically required in single-photon detection to achieve a desirable dark count level, which leads to additional system complexity and space usage.
Semi-DI Semi-Device-Independent scheme, DI Device-Independent scheme. a By assuming Gaussianity and stationarity of the noisy processes. b With additional assumption on the input energy. c With assumption on the overlap of the states. d With additional assumptions of i.i.d. source and channel. e With additional assumption on the system dimension. f The randomness certification presented in this paper contained some errors as clarified in subsequent papers 77,78 . The experiment was then re-analysed in ref. 79 where it was shown that randomness against quantum side information was indeed attained.
Article https://doi.org/10.1038/s41467-022-35556-z case, this would invalidate the model and hence, the randomness generated by the homodyne detection may be overestimated. Additionally, it has been pointed out that finite bandwidths of practical homodyne detector may result in correlations among successive rounds of the QRNG operation 19,20 . In this case, the experimental rounds in practice would be unlikely to exhibit a completely independent and identically distributed (i.i.d.) behaviour. In particular, comparing to the quantum state generation part, the homodyne detector with a shot-noise-limited performance generally has a more restricted working bandwidth 17,21 . Therefore, it is of great interest to devise a randomness certification that can mitigate (if not fully remove) the i.i.d. assumption for the system operation. Moreover, as any QRNG protocols have to be executed in a finite number of rounds, finite-size effects (such as statistical fluctuations) should be taken into consideration. This is especially important for semi-DI and DI QRNGs, whose randomness certification relies on experimental statistics, which necessarily entail statistical fluctuations.
In this work, we propose a novel semi-DI QRNG protocol based on homodyne detection and certify its security against quantum side information. Given the challenges with modelling the homodyne detector, our proposed framework treats it as a black-box quantum measurement which sidesteps the demanding characterisation requirement of the model-based approach. Importantly, our framework does not require any i.i.d. assumption on the measurement device which protects the security of the protocol against potential correlations shared between different rounds. Moreover, the proposed protocol is composably secure [22][23][24] , which guarantees that the random numbers produced by our protocol can be securely used for cryptographic applications. Furthermore, we show that our protocol can produce more randomness than that consumed (for choosing the settings for the devices) in the protocol. As such, our protocol is a quantum randomness expansion (QRE) protocol.

Protocol description
We shall now present our proposed randomness generation protocol. The protocol that we consider is a prepare-and-measure (P&M) protocol with an uncharacterised measurement device. To illustrate the protocol, it is convenient to consider a device that consists of two parts: a trusted source of quantum states (which we assume to be operated by Alice) and an uncharacterised measurement device (which is operated by Bob). As such, the protocol that we consider is a self-testing protocol in which the working of Bob's measurement device is not assumed a priori, but could be verified during the protocol using the spot-checking scheme in which every round is randomly assigned to be a generation or test round.
To that end, suppose that during the test round, the device plays a P&M game G. A P&M game can be thought of as a P&M analogue of the more well-known non-local games in the context of Bell nonlocality 25,26 and device-independent protocols. In a P&M game, Alice receives a random input x from a pre-defined set X and then prepares the state |ψ x from the set of states S X . Similarly, Bob receives an input y from a pre-defined set Y and uses it as his measurement setting. Let us suppose that Alice and Bob receive those inputs with probability q(x, y) which is fixed for a given game. For each pair of inputs x and y, the game G defines the winning outcome b xy ∈ {0, 1}. For a given round, the device wins the game when Bob outputs the winning outcome; otherwise, the device loses the game. In the Methods section, we present a systematic method to choose the winning outcome b xy as well as the probability of choosing each pair of inputs q(x, y).
The protocol that we propose is given in Box 1 In the experiment reported in this work, we consider X = f0, 1, 2, 3g, the set of states S X = f|αe ixπ=2 : x 2 X g and Y = f0, 1g. Furthermore, the honest implementation corresponds to homodyne detection with its LO's phase set to φ = π/2 when y = 0 and φ = 0 when y = 1. The measurement device would then output b = 0 if the result of the homodyne measurement is positive; else, it would output b = 1. The quantum states in this case correspond to quadrature phase shift keying (QPSK) modulation format, which is compatible with standard optical modulation techniques. Remarkably, it is straightforward to generalise the protocol to include more states or more measurement settings, e.g. quadrature amplitude modulation (QAM).

Security framework
We shall now consider the security of our protocol. Here, we consider a framework in which the measurement device is uncharacterised and hence, when analysing the security of the proposed protocol, we shall treat Bob's measurement as a set of abstract measurement operators. In particular, we do not assume that Bob's measurement device behaves independently and identically for each round.
Likewise, we do not assume that the quantum channel faithfully transmits the quantum states sent by Alice, nor it behaves independaently and identically for each round. As we do not limit the dimension of the Hilbert space of the channel output, we can model any quantum channel by an isometry U which preserves the innerproduct of the states prepared by Alice's trusted source.

Our proposed QRNG protocol
Arguments: n-the number of rounds γ-testing probability X -the set of possible inputs for Alice S X -the set of states that Alice can prepare Y-the set of possible inputs for Bob G = fðb xy , qðx, yÞÞ : x 2 X , y 2 Yg-the P&M game ω-the expected probability of winning the game G δ-the width of the confidence interval for the winning probability Ext-a strong quantum-proof seeded extractor S-random seed for randomness extraction Protocol: 1. For each round i ∈ [n]: do Step 2 to 4 2. Set C i = ⊥ and randomly choose T i ∈ {0, 1} such that Pr[T i = 1] = γ.
3. If T i = 0, set X i = 0 and Y i = 0. Else, set X i = x 2 X and Y i = y ∈ {0, 1} with probability q(x, y). 4. Alice prepares the coherent state |ψ X i i 2 S X depending on her input X i . Bob sets his measurement setting to Y i and records the output If |fi : C i = 0g| > nγð1 À ω + δÞ, then abort the protocol. Otherwise, we accept the protocol execution and preserve the data for further processing. 6. Apply a quantum-proof strong seeded extractor Ext using a uniformly chosen random seed S. Denote the output Z = Ext(B, S).
Since a strong extractor is used, the protocol outputs the concatenation K = (Z, S).
Additionally, we also allow the adversary (or any agent trying to guess the output of the protocol), Eve, to have some pre-shared entanglement with Bob's uncharacterised device, but due to some technicality regarding the method used to certify the generated randomness, we assume that Eve does not obtain additional quantum side information when the protocol is executed. This assumption can be well justified for the setting considered in QRNG protocols where Alice and Bob are both inside the same secure location.
Finally, we also assume that the device is equipped with trusted and private random seed that is used to choose the inputs for each round as well as to perform seeded extraction. For a detailed discussion on the assumptions we make in the randomness certification, we refer the readers to the Methods section 'Randomness certification'.
The security of our protocol relies on the quantum-proof strong seeded extractor which guarantees that whenever the protocol is not aborted, the output string is close to an ideal random bit-string that is uniformly random and independent from any pre-shared quantum information held by the adversary as well as the initial random seed. Hence, we have to certify that our protocol produces enough randomness (measured in terms of the conditional smooth min-entropy of the raw string) before applying the randomness extraction. To that end, we adopt the framework of entropy accumulation theorem (EAT) [27][28][29][30] . Informally, the EAT states that when our protocol is not aborted, the conditional smooth min-entropy of the raw string given Eve's side information and the random inputs is at least Importantly, the leading term which scales linearly with the number of rounds n can be evaluated by analysing a single-round of the protocol. The constant of proportionality h(ω, δ) as well as the correction term Oð ffiffiffi n p Þ can then be computed using a semi-definiteprogramming (SDP) technique introduced in ref. 31 . More precisely, we have the following theorem. Theorem 1. (Entropy accumulation theorem (as modified from Lemma III.3 of ref. 30 )) Let Ω denote the event in which our QRNG protocol is not aborted and ρ Ω be the final state conditioned on this. Let f(1−ν) be an affine lower bound on the single-round conditional von Neumann entropy for any strategy that wins the game G with probability ν. For fixed parameters ϵ s , ϵ EA , β ∈ (0, 1), then either our QRNG protocol aborts with probability greater than 1−ϵ EA or H ϵ s min ðB|T, X, Y, EÞ ρ Ω > nf ð1 À ω + δÞ À The explicit expressions for the functions f, V, K can be found in the "Methods" section 'Randomness certification'. As Theorem 1 holds for any choice of β, as we can see in the Methods section, we can choose β / 1= ffiffiffi n p such that the correction term would scale with ffiffiffi n p as claimed earlier. We refer to the parameter ϵ EA as the entropy accumulation error. As can be seen from Theorem 1, it quantifies our tolerance of encountering an event in which the protocol is not aborted but the lower bound (2) on the accumulated entropy does not hold.
Finally, with the lower bound on the conditional smooth minentropy being established, we can use the quantum leftover hash lemma 32,33 to find the extractable length of the output string Z, denoted by ℓ. As the extractor seed S is part of the protocol output K, the expected net randomness expansion rate r net is then defined as where ℓ in is the expected amount of randomness used during the protocol to choose the settings of the device. The details of randomness certification, the estimation of the input randomness can be found in "Methods" section 'Randomness certification' and 'Input randomness', respectively.

Experimental implementation
In order to verify the feasibility of the proposed protocol, we set up a fibre-optic experimental system. The schematic diagram is shown in Fig. 1a.
Our experimental system is composed of two main parts, quantum state generation and quantum state measurement. In the quantum state generation, a laser diode emits continuous-wave (c.w.) laser with a central wavelength of 1550 nm and a linewidth of 50 kHz, which is split into two paths, one for quantum state preparation and the other as Local Oscillator (LO) for homodyne detection. In the signal path, an Intensity Modulator (IM) first curves the c.w. laser into pulses with pulse width of 4 ns each, for defining the temporal mode of the quantum states. Besides, the IM could also perform the intensity modulation for QAM-16 state generation. A Phase Modulator (PM) modulates the phase of the quantum states. Thereafter, the optical signals are attenuated to single-photon energy level with an optical attenuator, to finally generate the QPSK quantum states f|αe ixπ=2 g where x ∈ {0, 1, 2, 3}, whose constellation diagram is shown in Fig. 1b.
In the quantum state measurement, a homodyne detector is deployed. To maximise the generated randomness, we developed a high-efficiency and low-noise fibre-coupled homodyne detector. To minimise the optical loss, we first adopt a pair of high-efficiency photodiodes (PDs) for photon detection. Moreover, we apply anti-reflection coated graded-index (GRIN) lens for the light coupling from optical fibre to the PDs. The overall efficiency of the PD including the coupling loss is measured to be 98.3% and 98.8%, respectively. The signal and LO are interfered in a balanced polarisation maintaining fibre-optical beam splitter (BS) before detection, providing good mode matching for a stable and efficient interference. After a careful balancing of the two arms, the photocurrents are subtracted and then amplified by a lownoise amplifier. The characterisation results of our homodyne detector are shown in Fig. 1 (d, e). The 3 dB bandwidth of our homodyne detector is~72 MHz, and the clearance (shot noise to electronic noise ratio) is measured to be 16.94 dB with a 10 mW LO. Taking all the factors into consideration, the total effective efficiency of our homodyne detector is characterised to be 91.7%. The details of homodyne characterisation and modelling are provided in the "Methods" section 'Homodyne detector modelling and characterisation'.
In the actual experiment, the settings for quantum state preparation and measurement need to be optimised for a high net randomness expansion rate. For example, the randomness generation round could be chosen for most of the time (with a small testing probability γ) to obtain the optimal generation rate. This raises an issue with our AC-coupled systems such as the homodyne detector and the amplifiers for driving the modulators, where a DC-balanced data streams are preferred to eliminate potential signal distortions 34 . To mitigate this, we apply a complementary modulation scheme in our experiment where the protocol based on QPSK modulation is performed, as shown in Fig. 2a. With our scheme, the quantum state preparation is performed on two-mode coherent states, which are based on the two successive temporal modes. In this case, the modulation patterns for the state preparation and LO phase setting are naturally DC-balanced with any settings x and y. Besides, the two temporal modes are modulated with a π phase difference, while the LO phase settings are kept the same. As such, the expectation values of the individual quadrature measurements of the two temporal modes possess opposite values. Hence, the outputs of the homodyne detector are also naturally DC-balanced for all experimental settings. The quadrature measurement of the two-mode coherent state in this case is q t = 1 ffiffi 2 p ðq e À q l Þ, where q e and q l are the quadrature measurement value of the two individual temporal modes. For more details about the two-mode coherent states, please refer to the "Methods" section 'Twomode coherent state'.
To faithfully implement the QRNG protocol, a fixed phase reference between the signal and LO is required. To this end, a feedback control for phase locking (not shown in Fig. 1a) is deployed, by analysing the statistics of the reference signals as well as the signals for QRNG execution. The illustration of the time frame configuration of our QRNG is shown in Fig. 2b.
At this point, we emphasise that since our QRNG protocol does not require any characterisation of the measurement device (i.e., the homodyne detector), our efforts in loss and noise reduction, phase locking, etc. do not affect the soundness of the randomness certification, but will certainly improve the performance in terms of randomness generation rate, the system stability (which is related to the completeness of the protocol), etc.
Based on Theorem 1, the quantum leftover hash lemma, and the definition of the expected net randomness expansion rate given in Eq.
(3), we first simulate the performance of our proposed protocol. The simulated net randomness expansion rate with QPSK modulation and QAM-16 modulation are shown in Fig. 3a and b, respectively.
The parameters used in the experiment are listed in Table. 2, where the mean photon number |α| 2 of quantum states in QPSK format, the probability of choosing test rounds γ are optimised based on the system efficiency of our setup and the chosen security parameters, as shown in Fig. 4a, b. The relation of the expected net randomness expansion rate and the randomness consumed is shown in Fig. 4c.  Diode (LD) emits a continuous-wave laser, which is split into two parts by a Beam Splitter(BS). One is for quantum state preparation, and the other is for Local Oscillator (LO) for homodyne detection. In the signal path, an Intensity Modulator (IM) is used for pulse curving and intensity modulation, and a Phase Modulator (PM) is used for phase modulation. The optical signal is then attenuated to singlephoton energy level by an attenuator (ATT). The final quantum states after modulation are in QPSK or QAM-16 format. In the LO path, a PM is deployed for basis choosing for the homodyne detection. The signal states and the LO are mixed on a balanced BS, and the photocurrent of two photodiodes (PD) are subtracted and further amplified. Finally, a data acquisition (DAQ) device samples the signal and obtain the data for analysis. b, c Constellation diagram for QPSK modulation and QAM-16 modulation, respectively. The blue circles represent the quantum states to be prepared by the transmitter. The circle with red centre represents the state used when the randomness generation round is chosen, and all the states are used for the testing rounds. The black dashed lines represent the two measurement bases in our protocol. For the convenience of illustration, we shift the phase of the states and measurements by π/4 comparing to the descriptions in the main text. This will not affect either the security analysis or the experimental results. d, e Homodyne detector characterisation. d Power spectrum of the homodyne detector from DC to 120 MHz. The 3 dB bandwidth is~72 MHz. e Noise variance for different LO powers. A clearance of 16.94 dB is obtained with 10 mW LO input.
According to the construction described in the "Methods" section 'Formulating a P&M game'., we formulate the P&M game G used in our QRNG protocol as shown in Table. 3, which determines the probability of choosing settings for Alice's input x and Bob's input y for test rounds and the scoring rules. Based on our model of the honest implementation (refer to the "Methods" section 'Two-mode coherent state' for details), we set ω = 0.59422 and δ = 0.00189 for the experiment, which represents the expected winning probability, and the confidence interval for the winning probability, respectively.
We collect n = 1 × 10 10 rounds of data in the experiment, and obtain an observed winning probability of ω obs = 0.59443, which is very close to the expected value. The number of rounds in which the players lost the game is 942820, which is within the acceptance range n lost ≤ 946026. Hence, the protocol execution is accepted, and we could certify a gross randomness generation rate (the randomness generated by the protocol per round) of at least 0.00455 bits per round can be obtained by running the protocol. Considering the randomness invested for determining whether a given round is a test round and the inputs of Alice and Bob (x and y), the expected randomness consumption rate in our case is 0.00256 bits per round. Therefore, the expected net randomness expansion rate of our system is 0.00199 bits per round. The observed experimental results for test rounds are shown in Table 4.
Finally, we implement randomness extraction using Toeplitz hashing with the help of a random seed. Toeplitz hashing is a family of two-universal hash functions, and it has been shown to be a strong randomness extractor 32,35,36 . This means Toeplitz hashing not only extracts randomness from a weak entropy source, but also guarantees that the output string is independent of the seed. Thus, in this work, the seed required for randomness extraction is not considered as consumed randomness as the seed can be concatenated to the output due to the properties of a strong extractor.
We utilise a Zynq Ultrascale+ FPGA (XCZU28DR) to implement randomness extraction. We construct a Toeplitz matrix with the size of 45 × 10,000 to extract the random numbers from the raw data. To achieve a faster extraction speed, we further split the Toeplitz matrix into sub-blocks of size 45 × 1000 during the extraction. In total, the size of the raw data was 10.622 Gbits (we conservatively collected a bit more data than 1 × 10 10 ), and we extracted 47.8 Mbits of random numbers from it. The detailed implementation of Toeplitz hashing on FPGA is provided in Methods section 'Randomness extraction'.

Discussion
In this section, we discuss the strengths and limitations of our work. Besides its high level of security due to its immunity to detection side channels, one of the main strengths of our protocol is its potential for miniaturisation. In the following, we discuss the feasibility of the proposed protocol to be implemented on silicon photonic integrated circuit (PIC), which is a leading platform for integrated-photonic applications with substantial advantages regarding miniaturisation, compatibility with CMOS microelectronics, and high-speed signal processing. The process design kits (PDKs) from major foundries can provide the key components on a single chip, with a decent performance stability for volume production [37][38][39] .
By leveraging mature silicon-on-insulator (SOI) technology, the optical waveguide on silicon PIC is able to provide a low propagation loss and large integration density. The 2 × 2 beam spliter can be achieved by using either evanescent couplers or multimode interference (MMI) couplers.
For the high-speed optical modulation, the carrier depletion type modulators are available for quantum state preparation. While the high-speed Germanium photodetectors could be utilised for the homodyne detection on the optical quantum states.  The integrated laser, a critical component to our QRNG system, turns out to be a hurdle that impedes full system integration on a single silicon chip. This is because pure crystalline silicon lacks a direct bandgap precluding the possibility of monolithic silicon laser 38 . Fortunately, recent integrated laser technology based on packaging or heterogeneous integration technologies could be adopted to address this problem 37 .
In this, one of our main objectives is to validate experimentally the key concept of the proposed protocol and this ultimately boils down to achieving sufficient effective efficiency of the measurement device to demonstrate positive net randomness expansion rate. To that end, we require high-efficiency PDs on silicon PICs. Fortunately, such highly efficient PDs are within the reach of current technology. For example, Globalfoundries offers PDs with >1 A/W responsivity at 1310 nm wavelength, which corresponds to a quantum efficiency of >94% 40 while AIM Photonics provides ones with quantum efficiency >80% at 1550 nm wavelength 41 . Moreover, there is more flexibility for the efficiency improvement if customised components can be used. Thus, a fully integrated version of our QRNG protocol is practically attainable with existing PIC technology.
At the system level, however, the main limitation of our current work is the relatively low randomness generation/expansion rate. We now discuss some reasons for the limited randomness expansion rate. One of the reasons is that we used Eve's guessing probability to construct the min-tradeoff function when applying the EAT. While the guessing probability can be easily computed using the SDP relaxation, this construction is generally not tight. Recently, a tight bound on the conditional von Neumann entropy that is also compatible with our SDP relaxation was developed 42 . It would be interesting to see if one can obtain an improvement in the randomness expansion rate by incorporating the new bound on the conditional von Neumann entropy.
Another reason for the limited randomness expansion rate is that we coarse-grained the homodyne detection output. Indeed, here we considered a measurement device that gives a binary output; whereas in practice, the homodyne measurement actually has a large number of discrete bins determined by the ADC circuit. The coarse-graining was done to simplify the protocol as it allows us to simply monitor the winning probability in the parameter estimation step. However, our security analysis can be extended to consider more outputs using the framework of ref. 30 . Nevertheless, there is a tradeoff between the number of outputs used in the protocol and the randomness generation rate as fine-graining the outputs would enhance the effect of the statistical fluctuations as the probability of obtaining each bin gets smaller. Finding the optimal number of bins for the measurement outputs deserve a deeper investigation in the future.
Next, our protocol also demands relatively high detection efficiency to generate net randomness expansion. As there is a tradeoff between the electronic noise (and its equivalent efficiency loss) and the working bandwidth of the system, the working frequency in our experiment is relatively low which results in the low randomness generation rate. One of the reasons for the high detection efficiency requirement is the choice of states used in the protocol. In our experiment, we use the QPSK encoding for the simplicity of the experiment. However, this choice of states may be sub-optimal. For example, as shown in Fig. 3b, a significant increase in the randomness expansion per pulse and decrease in the required detection efficiency can be seen by choosing the QAM-16 constellation. This would lead to a significant increase in the actual randomness expansion rate.
Finally, in this work, we assume that the device is sufficiently isolated from the environment such that any quantum side information that is accessible to the adversary was obtained before the start of the protocol. While this assumption can be well justified for QRNGs as both parties are inside in the same secure location, it could still be removed using the recently developed generalisation of the EAT 43,44 . The relaxed assumption may be relevant in a more pessimistic scenario where the device is surrounded by an insecure environment such that any photons that are scattered in the channel might fall into the adversary's hands. Since the bound in the generalised EAT is similar to the one derived under the original entropy accumulation framework (with slightly different correction terms), we expect that our QRNG could still exhibit randomness expansion in the more pessimistic scenario. We leave this investigation for future work.   The first row represents the probability of choosing a specific setting for Alice's input x and Bob's input y. The second and third row show the score assignment for each input-output configuration. To summarise, we present a QRNG protocol based on a completely uncharacterised homodyne detector. The security analysis takes into account the finite size effects and the non-i.i.d. measurement process, providing random number generation that is certified in the presence of quantum side information. To verify the feasibility of the protocol, we set up a high-efficiency and low noise fibre-coupled homodyne detector for experiment. The averaged quantum efficiency of the photodiode pair is 98.55% at 1550 nm, and the clearance is measured to be 16.94 dB with a 10 mW LO input. The effective efficiency of the homodyne detector is characterised to be 91.7%. In order to have a proper implementation of our protocol and remove potential signal distortions, we come up with a complementary modulation scheme and adopt the two-mode coherent states for quantum state preparation. This guarantees both the modulation signals and measurement outcomes are DC-balanced data streams, for any experimental setting during the QRNG protocol execution. The system works at a repetition rate of 2.5 MHz, and finally obtain a gross randomness generation rate of 0.00455 and a net randomness expansion rate of 0.00199, with a 1 × 10 10 rounds of protocol execution. In addition, we show that our protocol is compatible with the silicon photonics platform and is readily implementable on silicon PIC.
In conclusion, our results exhibit a practical QRNG with selftesting feature and provable security, showing a great potential for providing certifiable randomness for practical and private use.

Randomness certification
Before we explain the randomness certification of the protocol, we shall first explain the security criterion of the protocol. Consider a randomness generation protocol that produces an output string, which we label as Z. In a self-testing protocol such as ours, it is common that the legitimate parties exchange some classical information during the protocol (e.g., in the parameter estimation step). We denote the transcript of any classical communication in the protocol by M. Suppose also that the protocol involves seeded randomness extraction. We shall denote the seed used for the randomness extraction by S. Finally, any side information that is available to Eve will be denoted by E. For a given run of the protocol, let us suppose that its output can be described using the quantum state Here, we account for the probability that the protocol may abort (in which case, we denote the output of the protocol by +). Furthermore, τ l denotes the uniformly random string with length l denoted in the subscript andρ + ME describes the sub-normalised state of Eve's side information and the classical transcript when the protocol aborts. On the other hand, the sub-normalised stateσ ZSME in the second term describes the state when the protocol is not aborted where the summation is taken over all possible output and seed strings, which we denote by z and s. The sub-normalised stateρ z, s ME is the state describing Eve's side information and the classical transcript conditioned on the output string being z and the seed string being s.
Denoting the event in which the protocol is not aborted by Ω, we have Tr½ρ + ME = 1 À Pr½Ω, Tr½ρ z,s ME = Pr½Z = z, S = s, Normalising the state in which the protocol is not aborted, we obtain σ ZSME : =σ ZSME = Pr½Ω. We say that the QRNG is ε sou -sound if for a fixed ε sou ∈ (0, 1). Here, σ ME = Tr ZS ½σ ZSME . Informally speaking, the soundness of the protocol would imply that either the protocol aborts with high probability or the output of the protocol would be close (in trace-distance) to a random string with length ℓ that is independent of the seed S, any classical information being exchanged in the protocol M, and Eve's side information E. Importantly, the above security definition is composable. Hence, the output of the protocol can be securely used for other cryptographic applications. However, a protocol that always aborts would trivially satisfy the soundness condition given in Eq. (7), and such a protocol is clearly undesirable. Therefore, we also impose an additional requirement that the protocol would succeed with high probability of producing a random string when the device works as expected. Formally, we call a protocol ε com -complete if its honest implementation (which may use imperfect devices) satisfy the following for some fixed ε com ∈ (0, 1). Note that the subscript "honest" emphasises that Pr[Ω] honest is calculated with the assumption that the device works as expected, in particular, independently and identically for each round. In this case, we normally model the behaviour of the device, including its imperfection, and calculate the probability of the protocol aborting (e.g., due to statistical fluctuations in the parameter estimation) in such scenario. Next, to analyse the security of the protocol, we shall assume the following: 1. Quantum theory is correct.
2. Alice has a trusted source of quantum states that can accurately prepare the code states specified by the protocol. 3. The device is equipped with trusted and private random seed. 4. The device has access to trusted classical devices to perform any classical post-processing. 5. The device is well isolated such that it does not leak additional quantum side information nor the output string. Now, we shall briefly elaborate the assumptions mentioned above. The first assumption is normally taken for granted as quantum theory is the best available description of nature at small scale that we currently have. As such, throughout this paper, we shall assume that Eve and the devices used in the protocol obey the laws of quantum physics.
The second assumption can be practically justified by careful characterisation of Alice's source. As the scenario that is relevant for QRNG considers the case where Alice and Bob are located in close proximity to each other, one could reasonably believe that the source  is well protected from source side-channel attacks that are possible in other quantum crytographic protocols (for example, Trojan horse attacks in QKD 45 ). In particular, we assume that the source behaves identically and independently in each round. The third assumption is necessary because the measurement device which generates the raw random string in this protocol is uncharacterised. If the inputs are not chosen from a trusted random number generator, one possible scenario is that the uncharacterised measurement device could have access to the inputs before the protocol is run. In this case, it is trivial to reproduce the statistics obtained by the honest implementation of the protocol. Moreover, as our randomness certification would utilise the EAT, using a trusted random number generator could enforce the quantum Markov chain condition. Lastly, the last step of the protocol uses seeded extraction, which requires a private and uniformly random seed.
The fourth assumption is necessary for any QRNG protocol to prevent the security criteria from being trivially broken. For example, when the randomness extraction is not executed properly, it is clear that the soundness criterion may not be satisfied. Furthermore, when the output string is leaked, it is trivial to guess the output of the QRNG.
The last assumption is necessary for two reasons. Firstly, it is obvious that the security of the protocol is null when the device leaks the output string. Secondly, due to some technicality with the EAT, we need to assume that the quantum side information available to Eve is not updated as the protocol is run. It is worth noting that this assumption is not too restrictive for QRNGs since Alice and Bob are both inside the same secure location. Recently, there is a generalised version of the EAT 43,44 that allows Eve's quantum side information to be updated as the protocol is run and hence, it would be interesting to see if the assumption that the device does not leak additional quantum side information can be relaxed.
Having mentioned the assumptions we need in the security analysis, we emphasise again that we do not make any assumptions on the measurement device and the quantum channel. In particular, in a given round, the behaviour of these components can have arbitrary correlation to their inputs and outputs in the preceding rounds (unlike the source which we assumed to behave independently and identically in each round). Remarkably, our protocol remains secure even if there is a degradation in the homodyne detector or when Eve has some preshared entanglement with Bob's uncharacterised measurement device.
As elaborated previously, we want our protocol to satisfy both soundness and completeness criteria. We first prove the completeness of our QRNG protocol. To that end, we use the following theorem.
Since the protocol is aborted if |fC i : C i = 0g| > nγð1 À ω + δÞ, we can apply Theorem 2, in the same way as in ref. 9 , to get the following upper bound on the probability of the protocol being aborted Pr |fC i : C i = 0g| > nγð1 À ω + δÞ Â Ã ≤ 1 À Fðn, γð1 À ωÞ, nγð1 À ω + δÞ Ä Å Þ: Hence, by choosing the completeness error as our QRNG protocol would satisfy the completeness condition. Next, to prove the soundness of our QRNG protocol, we shall use the following Quantum Leftover Hash Lemma (Theorem 8 of ref. 33 ).
Theorem 3. (Quantum Leftover Hash Lemma 33 ) Let ρ BE 0 be a classicalquantum state and F = ff s : f0, 1g n ! f0, 1g ' g be a two-universal hash family with Z = f s (B) and the seed S ∈ {0, 1} m is chosen uniformly. Let 0 < κ ≤ ε/2 < 1, we have where τ ℓ and τ m are the uniform random strings of length ℓ and m respectively. Consequently, if we choose the output length to be where the maximisation is taken over κ ∈ (0, ε/2], then, we have On the other hand, for a fixed smoothing parameter ϵ s , the EAT (Theorem 1) guarantees that either the protocol aborts with probability of at least 1 − ϵ EA (i.e. the probability that the protocol is not aborted is upper bounded by ϵ EA ) or the conditional smooth minentropy H ϵ s min ðB|M, EÞ ρ Ω (here, M consists of the registers T, X, and Y) is lower bounded by a certain amount. By identifying the register E 0 in Theorem 3 as the register ME in the soundness criterion, we can choose the soundness error ε sou to be ε sou = maxfϵ EA , 2ðϵ s + κÞg: In this case, EAT either upper bounds Pr[Ω] by ϵ EA or-in conjunction with the Quantum Leftover Hash Lemma-guarantees that the tracedistance term (for the state in which the protocol is not aborted) in the soundness criteria is smaller than 2(ϵ s + κ). Hence, our choice of ε sou ensures that the protocol is sound in both cases considered by the EAT.
In this work, we choose ε sou = ϵ EA = 2(ϵ s + κ) where κ is chosen to maximise the expected net expansion rate.
We shall now discuss the technical details of Theorem 1. Firstly, to apply the EAT, it is important to ensure that the so-called Markov condition is satisfied during the execution of the protocol. More precisely, we want that for any round i ∈ [n], we need where I(A: B|C) denotes the quantum mutual information between A and B conditioned on C. Here, B [i] denotes the string (B 1 , B 2 , . . . B i ) that describes the measurement outcomes from the first round until the ith round.
are defined similarly. To enforce the Markov condition in the protocol, we implement each round sequentially and we choose the inputs for each round from a trusted and private random seed which is independent from the inputs and outputs from the preceding rounds. We also isolate the device such that Eve does not obtain additional quantum side information as we execute the protocol. The next ingredient we need is the so-called min-tradeoff function f (for its formal definition, we refer the readers to Definition II.4 of ref. 30 ). The min-tradeoff function is, roughly speaking, an affine lower bound on the worst case single-round conditional von Neumann entropy H(B i |X i , Y i , T i , R) that is "compatible" with the probability distribution over C = f? , 0, 1g for random variable C i . Here, R is a quantum register that is isomorphic to the pre-measured state in round i.
To construct the min-tradeoff function, we follow the framework presented in ref. 30 in the context of device-independent randomness expansion. A key difference here is that we use the bound on the conditional von Neumann entropy derived in the Theorem 14 of ref. 48 HðB instead of the bound based on conditional min-entropy used in ref. 30 . While both bounds are based on the guessing probability p g (B i |X i = 0, Y i = 0, T i = 0, R), the bound that we used here is significantly tighter than the one given by conditional min-entropy in the parameter regime in which the experiment is conducted. Another advantage is that the bound that we use is already linear, and as such, we do not need to perform the linearisation that was performed in ref. 30 to obtain an affine min-tradeoff function.
To bound the guessing probability, we use the semi-definite programming (SDP) technique proposed in ref. 31 instead of the Navascues-Pironio-Acin (NPA) hierarchy 49,50 used in ref. 30 . Both techniques are two similar hierarchies of SDP relaxation that bound the set of quantum correlations; the latter is for the device-independent scenario while the former is appropriate for the prepare-and-measure architecture considered in our protocol. For a fixed level of relaxation k, a given P&M game G, characterised by the scoring coefficients w b,x,y = qðx, yÞδ b,b xy , and some winning probability ν, the SDP for the guessing probability has the following primal form max fM b|y g b,y , fΠ e g e , U Here, fM b|y g b,y denotes Bob's POVM elements, fΠ e g e denotes the POVM elements acting on the system R and U : |ψ x ! |ϕ x denotes the isometry describing the unknown quantum channel connecting Alice and Bob. From the dual solution of (17), we can obtain a bound on the guessing probability of the form Here, p = (1 − p, p) is the score distribution of the device while λ ν and c ν are the dual solutions to the SDP (17). We emphasise that ν is a parameter that we can choose freely and it does not have to be the actual winning probability that is attained by the device. Following the arguments in ref. 30 , consider the affine function g ν , which maps a distribution over C n f?g to a real number where e c is the probability distribution where its cth entry is 1 and the other entries are zeros. Then, for some constant u ⊥ that we shall determine later, the following function f ν is a min-tradeoff function To find the worst case over all distributions which lead to the protocol being accepted, we repeat the argument presented in ref. 9 here. First, we use the condition for the protocol to be accepted, freq C (0) ≤ γ(1 − ω + δ), to deduce that if u ⊥ ≥ g ν (e 0 ), then we have Now, we demand that u ⊥ ≤ g ν (e 1 ) and hence, the second term on the right-hand side can be dropped This is increasing with u ⊥ and hence, it is best to fix u ⊥ = g ν (e 1 ). We have where the adjusted scoreω = ð1 À ω + δ, ω À δÞ. Thus, we have obtained the function f in Theorem 1. Lastly, we have to calculate the correction terms V and K. To that end, we need to consider a few properties of the min-tradeoff function. They are the following 1. Maximum over all probability distributions where P C is the set of all valid probability distributions.

Minimum over all protocol respecting distributions
where Γ denotes the set of distributions of the form (γω, 1 − γ). We call such distribution a protocol respecting distribution.
3. The maximum variance over all protocol respecting distributions To compute these quantities, we consider the maximum and minimum attainable value of g ν (over all distributions) as where λ min = min c λ ν and λ max = max c λ ν . Note that the choice of g ν (e 0 ) ≤ u ⊥ = g ν (e 1 ) implies that u ? = Max½g ν . Therefore, we are dealing with similar min-tradeoff functions as those considered in refs. 29,30 , where we have the following relations Article https://doi.org/10.1038/s41467-022-35556-z Based on the above relations, we can calculate the correction terms V and K. Following ref. 30 , the correction term V(γ, f ν ) is given by On the other hand, the other correction term K(β, γ, f ν ) is given by Kðβ, γ, f ν Þ = 2 β½1 + 2ð1ÀγÞðλ max Àλ min Þ 6ð1 À βÞ 3 ln 2 ln 3 2 1 + 2ð1ÀγÞðλ max Àλ min Þ + e 2 : Having specified the functions f ν , V and K, we can now apply Theorem 1 and Theorem 3 to prove the soundness of our QRNG protocol. This concludes the randomness certification of the protocol.

Input randomness
In the previous section, we have shown that if the extracted length ℓ is chosen according to Eq. (13), our QRNG protocol can generate randomness securely. However, for our QRNG protocol to be practically useful, we may also demand that, on average, it produces more randomness than the one consumed to run the protocol.
In this work, as we consider strong extractors for the randomness extraction, it is sufficient to consider the randomness consumed to choose the inputs T, X and Y as we can treat the extractor seed as part of the output. As the optimal input distribution is biased, one could either use a biased random seed or convert a uniform random seed into a biased one (for example, using the interval algorithm 51 ). We denote the expected length of random bit string used to generate the inputs by ℓ in . The expected input randomness ℓ in is approximately the Shannon entropy of the inputs (up to some small overhead that is negligible for large block sizes) ' in = HðT, X, YÞ + 3 = n½h 2 ðγÞ + γHðqÞ + 3, ð32Þ where we have used the fact that the inputs for each round are chosen independently from the ones from the preceding rounds and we also used the chain rule for Shannon entropy. Here, h 2 (γ) is the binary entropy function and H(q) is the Shannon entropy of the input distribution {q(x, y)} x,y .

Homodyne detector modelling and characterisation
We model the homodyne detector from two aspects: optical loss and the electronic noise. The optical loss arises from two main parts. The insertion loss of the BS, and the imbalance of the homodyne detection, which is caused by the efficiency mismatch of the two photodiodes and the imperfect BS splitting ratio.
We first characterise the photon detection efficiency of the photodiodes, which includes the quantum efficiency of the photodiodes, coupling loss to the photodiodes, and the insertion loss of the fibrepigtailed GRIN lenses, with an optical power metre (EXFO PM-1100) and a Source Measurement Unit (Keysight U2722A).
The GRIN lenses used are anti-reflection-coated in the range of 1250-1650 nm, with an average reflection of <0.2%. In addition, the waist diameter of the output light beam is in the order of 10 µm, which is much smaller than the diameter of the active region of our PD (100 µm). We measure the detection efficiency of the two photodiodes, including the coupling loss and the insertion loss, by putting a reverse bias at the working voltage of the photodiode, giving a constant power input light from the laser, and measuring the photocurrent by the Source Measurement Unit. The efficiency of the two photodiodes is deduced from the ratio of the measured photocurrent and the input power to be 98.3% and 98.8%, respectively.
The splitting ratio of the beam splitter is measured to be 50.4:49.6, and the insertion loss is 0.2 dB. By matching the beam splitter with the PDs, and carefully balancing the amplitudes of the two arms, we gradually increase the input LO power with a variable optical attenuator (Yokogawa AQ2200-311A) and obtain the noise measurements. For frequency domain measurement, a spectrum analyser (Rohde & Schwarz FSV40) is used, with a resolution bandwidth of 1 MHz and a video bandwidth of 5 MHz. For the measurement of the noise variance and clearance, an oscilloscope (Tektronix MSO64 BW 2.5 GHz) is utilised.
The characterisation results are shown in Fig. 1d, e. With a 10 mW LO input, a clearance of 16.94 dB is obtained. Under the assumption that the electronic noise of homodyne detector possesses a Gaussian distribution and is independent of the measured optical signal, we follow the model proposed in ref. 52 and treat the effect of the electronic noise as equivalent to efficiency loss. In our case, an equivalent efficiency of 97.98% is estimated.
Taking all the factors into consideration, the total effective efficiency of our homodyne detector is characterised to be 91.7%.

Two-mode coherent states
Two-mode coherent states are used in our system for quantum state preparation. Here, we give the basic form of the quadrature operator of the two-mode coherent state, and show that the quadrature value can be obtained by combining the quadrature values of individual temporal modes.
Without loss of generality, we define the creation (annihilation) operators of the early and late temporal modes byâ y e (â e ) andâ y l (â l ), respectively. Therefore, the quantum state composed of coherent states in both temporal modes can be expressed by: where |α t | = ffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffi |α e | 2 + |α l | 2 q andâ y t = 1 |α t | ðα eâ y e + α lâ y l Þ represent the amplitude and the creation operator of the new two-mode coherent state, respectively. In our case, we have |α l = | À α e , |α t | = ffiffiffi 2 p |α|, andâ Previously, we took for granted that our QRNG protocol specifies a P&M game that is used to test whether the devices are working as expected. However, constructing a game that is optimal for certifying randomness generation is a non-trivial task. In this section, we use the SDP duality to construct a P&M game that can asymptotically witness the same amount of randomness that is certified by full input-output probability distribution {P(b|x, y)} b,x,y . The idea behind our method is to find a linear function of the input-output probability distribution that witnesses the randomness generated by Bob's measurement. Then, from this linear function, we could derive the input distribution q(x, y) and the winning outputs b xy . Similar constructions have been used in device-independent quantum information processing to construct an optimal Bell inequality for certifying randomness 53,54 and selftesting 55 .
Asymptotically, we expect that the full input-output probability distribution should be optimal for witnessing randomness as it contains the full statistical information about the devices' behaviour. Let us now suppose that the expected input-output probability distribution is known (either by modelling the honest implementation or calibrating the device prior to the protocol). To construct a game that could optimally certify the amount of randomness, we shall consider the following SDP for the guessing probability subject to the full inputoutput probability distribution. max fM b|y g b,y , fΠ e g e , U Suppose that the optimal dual solution to (36) for the kth level of relaxation is given bŷ ξðb, x, yÞPðb|x, yÞ ≥ p g ðB i |T i = 0, X i = 0, Y i = 0, RÞ, ð37Þ where ξ 0 is associated with the non-statistical constraints. Any feasible dual solution is a linear function of the input-output distribution that upper bounds the guessing probability. As such, the set of feasible dual solutions to the SDP gives a family of linear upper bounds on the guessing probability whiled k is the tightest upper bound on the guessing probability among the family (in fact, it is "tight" up to the semi-definite relaxation 31 where in the first equality we use the normalisation constraint. Noting that we are just subtracting a constant fromd k , expression (38) is still an almost tight witness on the guessing probability. Finally, we could also divide the above expression by a constant and the resulting expression would still be an almost tight witness on the guessing probability. By construction, {q(x, y)} x,y is a valid probability distribution. Moreover, as b 0 xy is defined such thatd k (and hence, the bound on the guessing probability) would be higher when Pðb 0 xy |x, yÞ increases, we could interpret b 0 xy as the losing outcome (i.e., we assign the score C = 0) when the inputs x and y are chosen and q(x, y) as the probability of choosing this pair of inputs. In this case, the game G is defined as one where for Alice and Bob choose the inputs (x, y) with probability q(x, y) and the winning outcome is given by b xy = b 00 xy . The game construction that we have described above is almost optimal to witness the generated randomness. However, the construction may not minimise the randomness consumed to choose the inputs and hence, its performance in terms of the expanded randomness may be far from optimal. Formulating the optimal game construction that maximises the net randomness expansion rate would be an interesting direction for future work.

Randomness extraction
Toeplitz hashing utilises a Toeplitz matrix, H. The Toeplitz matrix is an m × n diagonal-constant matrix, and it is constructed by filling up the first column and first row of the matrix with a uniform seed, denoted by S. Thus, the seed length required for Toeplitz hashing is n + m − 1 bits. The hashing is done by expressing the raw bits as a column vector and performing matrix-vector multiplication with the Toeplitz matrix. We used the calculated bit generation rate of 0.00455 and constructed a Toeplitz matrix H with the parameters m = 45 and n = 10,000. A field programmable gate array (FPGA) is the chosen platform for implementation of Toeplitz hashing. The schematic of our postprocessing on FPGA is shown in Fig. 5. The raw data is stored on a personal computer (PC) and sent in batches of approximately 600 Mbits via 1G Ethernet to the FPGA. Upon receiving the batch of raw The raw numbers are stored on a personal computer (PC) and sent to the field programmable gate array (FPGA) via 1G Ethernet. The data is stored in the double data rate 4th generation random access memory (DDR4 RAM) on the processing system (PS) and multiplexed into the Toeplitz hashing core on the programmable logic (PL) side of the FPGA. The output from the Toeplitz hashing core is accumulated and sent back to PC via 1G Ethernet. data, the processing system (PS) on FPGA sends in 10 kbits of data to the programmable logic (PL), where the data will be further split into 10 batches of 1 kbits each. The multiplexing of raw data and seed is done via pipelining and the Toeplitz hashing algorithm is executed in parallel. The PS then receives the output of 45 bits from PL, and sends in a new set of 10 kbits of data to PL, repeating until all the data in the current batch has been processed. The PS then sends the extracted random numbers of the current batch to PC via Ethernet and waits for a new batch, until all 10.622 Gbits of raw data has been processed.

Data availability
All of the data that support the findings of this study are available in the main text. Source data are available from the corresponding author on request.

Code availability
The codes used for simulation are available from the corresponding author on request.